BluePass: A Mobile Device Assisted Password Manager

Authors

DOI:

https://doi.org/10.4108/eai.10-1-2019.156244

Keywords:

Authentication, Password, Password Manager, Two-factor Authentication

Abstract

With the growing number of online accounts a user possesses, managing passwords has been unprecedentedly challenging. Password managers have emerged to help users managing their passwords. However, state-of-the-art cloud based password managers are vulnerable to data breach and a master password becomes a single point of failure. To address these security vulnerabilities, we propose BluePass, a password manager that stores the password vault (i.e., the set of all the encrypted site passwords of a user) locally in a mobile device and a decryption key to the vault in the user computer. BluePass partially inherits the security characteristics of two-factor authentication by requiring both a mobile device and a master password to retrieve and decrypt the site passwords. BluePass leverages short-range nature of Bluetooth to automatically retrieve site passwords and fill the login fields, providing a hand-free user experience.

Downloads

Published

21-12-2018

How to Cite

Li, Y. ., Wang, H. ., & Sun, K. . (2018). BluePass: A Mobile Device Assisted Password Manager. EAI Endorsed Transactions on Security and Safety, 5(17), e3. https://doi.org/10.4108/eai.10-1-2019.156244